Best way to block a large list of IP addresses

I'm in the process of taking further steps to protect my home Web / SSH server from malicious attacks. The next thing I'd like to try doing is block a large list of known malicious IP addresses that I have listed in a text file.
I followed the Arch Wiki and set up a simple stateful firewall using iptables, but now I'm a bit stuck...
I tried using a little bash script to tell iptables to block all of the addresses in the list. It seemed clunky since it takes about 30 seconds for the script to run. Also, I'm not even sure where the best place would be to run the script in Arch Linux.
I considered saving all of those blocked IP addresses in my actual iptables settings file, but I feel that would make it difficult for me to easily download and use a new list of malicious IP addresses.
I looked into some other firewall applications. None of them seem to have the simplicity of iptables, but I may just be uneducated on the topic.
So... Does anyone have a suggestion for easily blocking a large list of malicious IP addresses on my home server? Is it feasible to do with iptables? Should I use a different firewall application? Is it even worth it, security-wise, to block these addresses?
Thank you.

Thank you for the suggestions. I like how ipset is a software companion to iptables, so I decided to use that.
...and OH BOY has it been hard to grasp. I think I got it, though.
Ok, so I have iptables loaded in my DAEMONS array. I created the directory "/etc/ipset/deny/" which now contains five files filled with lists of naughty IP addresses from here. I then created the script "/etc/ipset/init-deny" like so:
#!/bin/bash
# Create a set of naughty IP addresses (-quiet hides the error message if the set already exists)
ipset create denyset hash:net -quiet
# Add the addresses to the set, skipping comment lines and blank lines
for ipaddress in $(grep -E -h -v "^#|^$" /etc/ipset/deny/*); do
    ipset add denyset "$ipaddress" -quiet
done
# Tell iptables to drop packets coming from any address in the set
iptables -I INPUT -m set --match-set denyset src -j DROP
and call it from "/etc/rc.local". I think it works. (I can't ping any naughty addresses anymore) I think the only part I couldn't really understand was the match set line: whether I should use "--match-set denyset src" or "--match-set denyset src,dst".
I'd love any more feedback about this setup, especially in regards to where would be the proper place to load the ipset commands. "/etc/rc.local" just feels clunky.
...also, FYI, for some reason the Arch Linux forums IP address (176.9.18.112) is totally in that guy's list of "exploited" IP addresses.
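
The same load done with a single `ipset restore` call instead of one `ipset add` process per address, with an allow file to keep false positives such as the forum address out of the set; this is an added example, not the poster's script. The allow file, the `denyset-new` staging set, the `maxelem` value and the function names are assumptions; for a one-dimensional `hash:net` set the single `src` flag is what compares the packet's source address with the set.

```bash
#!/bin/bash
# Added example, not the poster's script. Assumptions: one IPv4 address or CIDR
# per line in the list files, '#' starts a comment; the allow file, the
# "-new" staging set and the function names are hypothetical.
SET_NAME=denyset
MAXELEM=262144   # hash:net defaults to 65536 entries; large lists can exceed it

octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
# A /0 prefix is rejected on purpose: it would match every source address.
cidr="^(${octet}\.){3}${octet}(/([1-9]|[12][0-9]|3[0-2]))?\$"

# Print `ipset restore` input for the staging set.
# usage: build_restore ALLOW_FILE LIST_FILE...
build_restore() {
    local allow=$1
    shift
    printf 'create %s-new hash:net family inet maxelem %s\n' "$SET_NAME" "$MAXELEM"
    printf 'flush %s-new\n' "$SET_NAME"
    # Drop comments and whitespace, keep valid entries, de-duplicate,
    # then remove anything listed verbatim in the allow file.
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$@" |
        grep -E "$cidr" |
        LC_ALL=C sort -u |
        { if [ -s "$allow" ]; then grep -vxFf "$allow"; else cat; fi; } |
        sed "s/^/add ${SET_NAME}-new /"
}

# Load the staging set in one ipset call, swap it in, add the DROP rule once.
# Needs root; not called by the demo.
apply_denyset() {
    local restore_file=$1
    ipset create "$SET_NAME" hash:net family inet maxelem "$MAXELEM" -exist
    ipset -exist restore < "$restore_file"
    # The swap is atomic: the live set is never empty or half-filled.
    ipset swap "${SET_NAME}-new" "$SET_NAME"
    ipset destroy "${SET_NAME}-new"
    # -C checks for the rule first, so re-running does not stack duplicates.
    iptables -C INPUT -m set --match-set "$SET_NAME" src -j DROP 2>/dev/null ||
        iptables -I INPUT -m set --match-set "$SET_NAME" src -j DROP
}

# Constructed sample data: documentation ranges plus the forum address the
# post mentions, which the allow file keeps out of the set.
demo() {
    local d
    d=$(mktemp -d)
    printf '%s\n' '# constructed list' '198.51.100.7' '203.0.113.0/24' \
        '176.9.18.112' '0.0.0.0/0' 'not-an-ip' '198.51.100.7  # dup' > "$d/list"
    printf '176.9.18.112\n' > "$d/allow"
    build_restore "$d/allow" "$d/list"
    rm -rf "$d"
}

# "apply ALLOW_FILE LIST_FILE..." loads the lists; no argument prints the demo.
case "${1:-demo}" in
    apply)
        shift
        tmp=$(mktemp) && build_restore "$@" > "$tmp" && apply_denyset "$tmp"
        rm -f "$tmp"
        ;;
    demo)
        demo
        ;;
esac
```

Refreshing the lists later is the same `apply` call: the staging set is rebuilt and swapped in while the iptables rule stays untouched.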

Similar Messages

  • What is the best way of compressing a large 3 hour final cut file

    What is the best way of compressing a large 3 hour final cut file. I shot the play and it is in final cut and I rendered it so now I have a 22gb file that I need to put on a DVD. Any suggestions
    Thanks
    Macbook Pro
    2.3 GHz Intel Core i7
    with Final Cut Pro 7.0.3
    using Lion as operating system

    Presuming your menus aren't complicated (include audio or video) the total size for the MPG-2 and AC3 files should probably be under 8GB for a dual layer disk. The inspector will tell you the estimated size. 2-pass variable bit rate would be recommended.
    Trying to fit 3 hours on a DVD-5 will only bring very noticeable quality hits. Compressor will let you change the average bit rate so that you can fit 174 minutes but trade-off isn't worth it in my opinion.
    Be aware that dual-layer -R and +R media may not play well for everyone everywhere.
    I presume you are not making 1000 or more copies? If you were, replication could solve this.
    One other alternative would be to break-up the show into two parts and spread it across two DVD-5s.

  • Best way to organize a large photo library on a 10.6.8 Macbook?

    I have an older Macbook pro- version 10.6.8. 
    I am looking for the best way to organize my large library of photos (approx. 15,000).  I have both personal as well as professional photos that I would like to organize and keep separately. I currently use iPhoto'09 version 8.1.2 but it has become very slow and I would like to find a solution that uses better organization.  I am considering keeping my personal photos in iPhoto and my professional photos in another organization app.  I was thinking about purchasing Aperture, however it is only available for Mac OS X version 10.7.5 or later and the same goes for the latest version of iPhoto. 
    I am a little confused about what my options are.  Can anyone recommend anything?  I am looking simply for a good organization tool, I am not interested in photo editing or anything beyond that.

    Well now we know that the speed problem is in your old library. Repair it.
    Option 1
    Back Up and try rebuild the library: hold down the command and option (or alt) keys while launching iPhoto. Use the resulting dialogue to rebuild. Choose to Repair Database. If that doesn't help, then try again, this time using Rebuild Database.
    If that fails:
    Option 2
    Download iPhoto Library Manager and use its rebuild function. (In Library Manager it's the File -> Rebuild command)
    This will create an entirely new library. It will then copy (or try to) your photos and all the associated metadata and versions to this new Library, and arrange it as close as it can to what you had in the damaged Library. It does this based on information it finds in the iPhoto sharing mechanism - but that means that things not shared won't be there, so no slideshows, books or calendars, for instance - but it should get all your events, albums and keywords, faces and places back.
    Because this process creates an entirely new library and leaves your old one untouched, it is non-destructive, and if you're not happy with the results you can simply return to your old one. 
    Backing Up:
    Time machine will back up, yes. Just be sure it's set up correctly.
    Most Simple Back Up
    Drag the iPhoto Library from your Pictures Folder to another Disk. This will make a copy on that disk.
    Slightly more complex:
    Use an app that will do incremental back ups. This is a very good way to work. The first time you run the back up the app will make a complete copy of the Library. Thereafter it will update the back up with the changes you have made. That makes subsequent back ups much faster. Many of these apps also have scheduling capabilities: So set it up and it will do the back up automatically. Examples of such apps: Chronosync or DejaVu. But there are many others. Search on MacUpdate
    Regards
    TD 

  • Best way to block multiple logins/same user ?

    What is the best way to block/prevent someone from logging in more than once at the same time with the same userID?
    I was thinking to post to a database whenever a user logs in/out but then every time a user does this there has to be a database call to see if that user is already logged in. This solution doesn't seem too efficient, or maybe it is? Anyone with a better solution?

    I'm not sure what you mean. A user will log in, the form data will be authenticated against the db data, credentials will be stored in the session if authen was a success and sent back to login page if otherwise. I am imagining that I can put a flag field in the database LOGGED_IN with Y or N. So when user successfully authenticates I can insert a Y in the user's LOGGED_IN field and when the session gets destroyed insert a N. Does this answer your question?

  • Best way to create a contact list from the user profile properties

    We have a customer looking for a phone book utility, starting with a table showing main user information and with some search options. We would like to base it on the user profile properties and not to create an independent studio record browser portlet.
    What is best way to create a contact list from the user profile properties ?

    I did something like this using search.  It can get messy, so you need to take care with it.
    * Identify the properties you want to make accessible to search (ex: name, etc.)
            - add them to the user property map
            - flag them as searchable
    * I broke down and used the native server API.  I'd still suggest this approach.
    * Write some simple code to do vcard export if you like
    (my code is all in vb.net)
    I really believe this is the "right" approach, but honestly, this was a bit painful and has been
    messy for us given some other business issues.  (to my chagrin we have users with 2-letter last
    names...)
    I have code you're welcome to poke at, but it's more or less slapped together and has various
    different search methods commented out so you can see how I tinkered w/ the remote vs. server
    API.
    If you'd like it mail me at [email protected] and I'll send you a zipped copy w/ a
    readme.  I hope it may be useful to you as both a starting reference.

  • What is the best way to handle very large images in Captivate?

    I am just not sure the best way to handle very large electrical drawings.
    Any suggestions?
    Thanks
    Tricia

    Is converting the colorspace asking for trouble?  Very possibly!  If you were to do that to a PDF that was going to be used in the print industry, they'd shoot you!  On the other hand, if the PDF was going online or on a mobile device – they might not care.   And if the PDF complies with one of the ISO subset standards, such as PDF/X or PDF/A, then you have other rules in play.  In general, such things are a user preference/setting/choice.
    On the larger question – there are MANY MANY ways to approach PDF optimization.  Compression of image data is just one of them.   And then within that single category, as you can see, there are various approaches to the problem.  If you extend your investigation to other tools such as PDF Enhancer, you'd see even other ways to do this as well.
    As with the first comment, there is no "always right" answer.  It's entirely dependent on the user's use case for the PDF, requirements of additional standard, and the user's needs.

  • Best way to upload a large 25 minute video and where to?

    best way to upload a large 25 minute video and where to?

    Just a couple minutes surfing - YouTube only allows 15 minute videos from general users -- to upload larger apparently you have to be a trusted long time source.   There is also a restriction on the file size.
    YouTube's help section should give you all the details.
    I don't watch online videos - so I just used a query in ASK.Com to get some quick tips.

  • Best way to block specific external IP addresses

    I'm using an ASA also and I've been blocking IPs for some time now and it has really tapered off ( now I'm just watching the "hit" counters tick up) - I check the geographic location of the offending IP and if it is from a region of the world that we wouldn't interact with anyway, I block the entire range of IPs... mostly China and Korea and Russia. Fast forward several months and I rarely block an IP any more as most of the offending IPs have already been blocked. Of course this strategy won't work for everyone.
    Any way you accomplish this task is going to require you to add the addresses as they pop up on your radar so I don't see how GPO will make your life easier, you'll want to block at the perimeter anyway.

    Every week we get a list of known  Malware IP addresses. My boss wants me to block these addresses so I was wondering what the best way to do this would be. We have a Cisco ASA and I know I could create a network object for each IP addresses and select block all access. But is that the best way. I think another option might be with a GPO and a hosts file. Any other ideas. There are usually 30-50 IP addresses listed at least every week. Any other ideas or a better way to accomplish this? Thanks.
    This topic first appeared in the Spiceworks Community

  • What is best way to active sync large quantities of files on work PCs across multiple mobile devices of employees in the field?

    I am looking for the best way for us to file share between our PC and mobile devices?  We have tons of PDF files and would benefit from being able to view/edit while in the field but are not sure of the best way to do so…
    - iCloud drive isn’t ideal because it requires everyone to have and maintain their own files via their individual devices and iCloud addresses
    - Dropbox seems to work, but it doesn’t actually store a local copy of the files so we have to load each time to view and their document viewers are not the most user friendly
    - Google Drive we used a long time ago, when it first came out, and it kind of worked well, but due to the volume of files and size of folders we constantly ran into crashing issues and sync problems so we gave up on it…
    Ideally we would like to have local folders on our desktop that activesync to our mobile devices… Do you know of a way that this would be possible or do we need to purchase one of those large, robust field management programs?

    Hi Bob.
    So what I should have done on my PC for all my files is gone to the File menu and used the Package command which would have converted it into a file with the images in it so they wouldn't need to be relinked.
    From now on I will only be working on Mac (I gave away my PC) but I'm sure I could use a friend's pc (or at a later point install Windows on my Mac). But to use the Package command on PC I need to actually have the images in the correct folder on the PC right?

  • Best way to organise multiple large clips and hundreds of subclips

    Situation
    I have the task of producing a suite of short 2 minute videos comprising highlights of several hours of footage in multiple large files.
    I want to extract and manage the highlights in a non-destructive way and organise them according to subject matter.
    I would then use these in several projects to create the highlights videos required.
    I am using Adobe CC, so it's CS6.
    My approach so far is to:
    1. Import all the footage into a single project as individual large clips
    2. Scrub through each clip, set in/outs and extract to subclip, store in subject matter bin
    My questions:
    1.  if I go back to the original footage and edit it, it doesn't seem to flow through to the subclips. How do I make the subclips inherit the attributes of their parent? (e.g. could be sound, colour, etc)
    2. how do I access these highlights bins from another project?
    3. is this the best way to handle my situation?
    Thanks for your input.
    Ric

    I suppose applying the effects to the source clip and rendering out a new source file is one way of doing it.  Just be very careful that you don't compress the output.  And, of course, it will double the amount of hard drive space.  I'd still make all the sub-clips first and use the "paste attributes" command.  I think you can even lasso a whole bunch of clips and paste attributes to all of them at once (they have to be in the timeline, though - not the project panel).
    It shouldn't take an awful lot of hard drive space to duplicate projects.  Just duplicate the "prproj" file, not the whole projects folder (and certainly not the source material).
    Here's a screen shot of my set-up for a complicated, 5-camera shoot of a play:
    The original project (syncing all the cameras up) is 1 MB, each successive archive gets a little bigger but the current project is only 3.8 MB.  I would imagine if you are deleting bins and sequences for the mini-projects, the prproj file would actually get smaller than the original master.
    Okay.. so here's the mantra about non-tape based video... First you back up the card (including the complete folder structure) onto an archive drive.  Next you copy this folder onto an external or RAID or other "real" archive drive.  Then (and only then) do you start editing the material!
    Ideally, you need at least three, physically separate harddrives (not partitions) in an editing station (this is true Windows or Mac).  One drive for the operating system and applications only (no media or projects or anything!).  One for working projects (each project in its own folder) where everything except the source video is stored.  And finally one for the source video.  On my system my OS drive is Tardis ('cuz I'm a geek!).  I have a Projects drive for projects (duh!) a Scratch drive for working video files and an Archive for "finished" projects waiting delivery and back-back-ups of my SD cards.

  • Best way to work with large file?

    Ok I have a huge file (200mb) that is all sequences of numbers separated by commas. I wish to know if a specific sequence exists in this file. What is the best way of doing that check? I can't load the whole file into a StringBuffer since it is too large.

    Well, it's not necessarily too large. You might be able to load it all into memory at once.
    But you're right. It's not a good idea.
    What you can do is use a StreamTokenizer set to split on commas.
    Conceptually, you need to have a simple state machine that keeps track of how many consecutive numbers from that sequence you've read. As soon as you hit a number that's not the next one in the sequence, you reset to the beginning of the sequence.
    It's not hard to write it yourself, but there might be a simpler way--one of the IO classes or regex classes might have something for processing a stream that way.

  • Which is the best way for posting a large number of records?

    I have around 12000 register to commit to database.
    Which is the best way for doing it?
    What does it depend on?
    Nowadays I can't commit such a large number of register..The database seems hanged!!!
    Thanks in advance

    Xavi wrote:
    Nowadays I can't commit such a large number of register
    It should be possible to insert tens of thousands of rows in a few seconds using an insert statement even with a complex query such as the all_objects view, and commit at the end.
    SQL> create table t as select * from all_objects where 0 = 1;
    Table created.
    Elapsed: 00:00:00.03
    SQL> insert into t select * from all_objects;
    32151 rows created.
    Elapsed: 00:00:09.01
    SQL> commit;
    Commit complete.
    Elapsed: 00:00:00.00
    I meant RECORDS instead of REGISTERS.
    Maybe that is where you are going wrong, records are for putting on turntables.

  • Best way to send a large sound file via e-mail?

    Hello,
    I created a sound file in Sound Studio that is 75.5 MB large. I want to e-mail it to a friend through my Hotmail account. (I have a cable connection. I do not have AOL. And I just discovered that I can play it on my computer using QuickTime.)
    What is the best way to do this? Do I need to compress it? I have heard of compressing large files to make it easy to e-mail, but I don't know how to do it. If so, will he be able to hear it when he opens up the e-mail on his end?
    If anyone could give me step-by-step instructions on how to send this, I'd be most grateful. Thank you.

    If you have Stuffit Expander check inside the folder for Drop Stuff.
    Drop the movie file onto Drop Stuff.
    This will compress the music file.
    Or
    You can send large music files through You Send It which is FREE!
    There are others but, You Send It is the easiest.
    Or
    Since you have a High-speed connection, the easiest & fastest way is through AIM (AOL Instant Messenger). You do not need to be a member of AOL.
    I send all my music & movie files this way instead of using email.
    iChat has the same ability of transferring large files as AIM.
    http://docs.info.apple.com/article.html?artnum=150934

  • Best way to block/deactivate movement type

    hi gurus
    I want to block the movement type 561 for all plants in Company.
    I know we can remove the allowed transaction through tcode OMJJ but I wanted to know if there is another way to block this movement type for use.
    thanks

    Hello Cyrus,
    The first option you already know, remove transactions from mvt type, but you never know that in future you may require to do some transaction with 561/562 i.e. change UoM, Batch activation/deactivation etc.
    The second and best option is control by authorization. This is very good option as you need not to take care any other configuration. Include this authorization prevention in std SAP role and assign to all SAP users except the user to whom you want to give authorization for 561.
    The third option is account assignment. Assign account modifier key with some odd name i.e. ZZZ and do not configure account assignment for this combination in OBYC transaction, but I will not recommend this one as some of the transaction will not require account modifier key.
    So either use Authorization or remove transaction code from mvt type.
    Hope this helps.
    Regards
    Arif Mansuri

  • What is the best way to share for large projection?

    I would like to embed my movie as part of the Powerpoint to be shown on a Windows machine (my only option). What is the best way to share it so that it doesn't look grainy or pixelated?

    Fool proof? Does Microsoft make Powerpoint?
    LOL... but seriously
    You could export it out to a Windows Media file.
    http://www.Flip4Mac.com
